swiki edit requiring https and log in?

When did the swiki get TLS'd?

I was just trying to update the page on my MQTT package. Hitting 'edit' raises a login dialogue and jumps to an https URL. That doesn't ring any bells.

tim
--
tim Rowledge; [hidden email]; http://www.rowledge.org/tim
Useful Latin Phrases:- Die dulci fruere = Have a nice day

Hi Tim,
I turned on HTTPS for wiki.squeak.org. Don't know about your login issue, can you login?

Fabio

> On 2018-09-15, at 11:02 PM, Fabio Niephaus <[hidden email]> wrote:
>
> Hi Tim,
> I turned on HTTPS for wiki.squeak.org. Don't know about your login issue, can you login?


What was the reason for requiring a login? And where would I get a login/password (there is no 'register' option appearing)? Is it set up to allow a password from some other related site like squeakmap?

It seems like a bit of a jump from everything being open with pages optionally locked, though I suppose one might argue that there are so many damn trolls and other bad actors around these days that we have to lock everything up.

tim
--
tim Rowledge; [hidden email]; http://www.rowledge.org/tim
Useful random insult:- Wasn't fully debugged before being released.

> On 2018-09-16, at 10:44 AM, tim Rowledge <[hidden email]> wrote:
>  And where would I get a login/password (there is no 'register' option appearing)? Is it set up to allow a password from some other related site like squeakmap?

D'oh, ok the old default password works, which is, like, d'oh.
But why bother with https for stuff we leave open?

tim
--
tim Rowledge; [hidden email]; http://www.rowledge.org/tim
Strange OpCodes: BYEBYE: Store in Write-Only Storage

> On 2018-09-17, at 5:40 PM, Fabio Niephaus <[hidden email]> wrote:
>
> HTTPS is enabled for a bunch of squeak.org subdomains (for good reasons)

Undoubtedly!

> and it's easier to enable it for others than to disable it. I also don't see why we wouldn't want to have it enabled for our wiki or do you want to keep sending your login credentials in plain text through the web these days?

Thing is, for the swiki it *isn't* my login credentials - just the page specific (though usually the defaults that we publish on the page that explains how to use the swiki) values, so I'm not certain it is a worry. Certainly, using https in general is a good thing from what I understand. However. it seems like a not-quite-right thing to demand a log-in just for going to the edit page; surely the spirit of the swiki would be to request the password (only) when actually asking to save a new version? And I freely admit I have no idea how or whether that can actually be done.

tim
--
tim Rowledge; [hidden email]; http://www.rowledge.org/tim
Oxymorons: Taped live